This work has been postponed to Wednesday. Sorry for the short notice.
In a very confusing method of observing Valentine’s Day, some resource calendars are being migrated from the soon-to-be-retired Zimbra server tomorrow during the day. If you have any reservations or changes to make on these calendars, please get them in place today. Tomorrow during the day they will be moved to Exchange, and we’ll send out pointers to instructions on the new calendar location and procedures after the migration is complete.
The list of calendars being migrated are:
MCS Travel/Absence calendar
MCS Wireless Modem reservation calendars
MCS Projector reservation calendars
MCS Loaner Laptop reservation calendars
Please see the note below regarding a Flash Player update to address a vulnerability that is currently being exploited. For administrative users whose systems are managed by us, we’ll get you up to date. This notice is for all those who manage their own machines.
Adobe has released an Emergency Patch for Flash on all platforms on Feb 4.
Windows and Macintosh should update to Adobe Flash Player 22.214.171.124.
(Exploits ARE available and targetting MacOS machines too.)
Linux should update to Adobe Flash Player 126.96.36.1996.
Google Chrome has Flash built in so needs to be updated the lastest patch level.
Internet Explorer Versions 10 and 11 also have built in Flash and have patches available.
There are currently exploits in the wild on this and appear to be picking up speed on distribution.
Please get updates installed on your systems as soon as possible.
We will be updating the DNS Blacklist, Web Proxy and Email gateway with signatures as bad stuff is found. Be aware that things are changing faster than anyone can react to insert filters or blocks.
Notifications are now enabled to all recipients and senders of blocked attachments. This is rudimentary and will be fine-tuned tomorrow. More details as I get them…
This is a followup to the announcement this weekend, also available here: https://mcssys.wordpress.com/2014/02/01/sending-and-receiving-attachments-may-not-work/
A quick update on how things are progressing with the problem of e-mail attachments being silently dropped. The Cyber and email teams in CIS met today to go over the problem. I just got off the phone with them and we discussed what’s happening.
* They’re putting through a change today that will stop blocking some of the problematic attachments that are low threat (such as shell scripts, for example).
* Notifications are indeed broken. If the system were working as expected, items would not have been blocked silently. If it were working as designed, one of two notifications would be triggered. For internal to internal messaging, the sender of the blocked attachment would have received a notice the attachment was blocked. For external to internal messaging, the recipient would have received the message minus the attachment, and received instructions on how to go about getting the attachment released. CIS don’t know why this is failing, but it is still an issue and they’re actively looking into it.
* We discussed alternatives to this that would accomplish the goal of protecting users and machines from malware while not hampering work. That’s an ongoing process, obviously, but there are already clear avenues we can pursue that are being investigated. Ideally, for anything that *does* get blocked, it would result in the recipient being able to retrieve the blocked item in a self-service method and in a timely fashion.
I’ll continue to keep everyone posted. Thanks to all who reported this issue. CIS is quite upset and apologetic about the inconvenience this caused — silently dropping mail is never a good thing.
It seems that the Exchange server almost all of us are using is blocking attachments that have executable files. What this means is that if you receive a file (including a ZIP file) that contains a windows executable, or even an executable shell script, it’ll get blocked. It’s supposed to notify you of this, but that appears to not be working reliably at the moment.
I’m working with CIS on this (from both a policy and execution standpoint), but in the meantime if you don’t get an email you were expecting, it may be because it contains a “forbidden” attachment. In these cases, until we figure this out, you should work with the person sending the attachment to get the file via some other method, such as sharing via a file service (box.com, Dropbox, Google, etc.) or send to an alternate account.
I’m really sorry about this — if I could turn it off right now I would, trust me. We’ll figure it out, though, and I’ll keep working with everyone involved to make sure the solution works for all sides. Please continue to let me know any issues you do come across. Thanks.
Please see the following announcement from CIS. The only thing that seems to affect CELS is the telephone system work and some Argonne web applications being patched. Argonne Business Systems will be inaccessible on that Saturday.
IT Maintenance Weekend Coming January 17-19
Major maintenance activities are planned for the weekend of January 17-19. Work will commence at 5:00 pm on Fri, 1/17 and continue through 7:00 pm on Sun. 1/19. Expect that any laboratory network and core IT services may be effected throughout the weekend. Please note;
- All telephone systems will be down for resiliency testing between 6:00 and 7:00 pm Friday. This includes emergency phones and 911 services. A PA announcement will be made when this happens. In the event of emergency, employees should contact emergency services from their cell phones (630-252-1911).
- All telephone systems will be down for resiliency testing. A PA announcement will be made. ~15 min. outage expected
- All voicemail services down. ~2 hr. outage expected
- Web applications down for patching
- Building 201, network outage much of the day
- do not expect to have network access or get to your desktop computers in Bldg. 201 on Saturday
- Wireless networks, rolling outages throughout the day
- Many business systems & SCADA down for the morning
- Login servers down in the afternoon, majority of business application inaccessible
- Web applications server upgrade, ~2 hr. outage expected
- Most everything back to normal by early morning
- Full verification throughout the day
Due to the treacherous conditions, a number of the Systems team are working remotely today. We’re online and accessible, but any activities requiring in-person actions might be delayed. As always, report any issues to email@example.com.
Thanks, and stay safe (and warm)!
At 5:00pm today there will be a brief outage of all the WordPress sites on press3.mcs.anl.gov including those below. This is so applied security updates can take effect. The outage is expected to only last a few minutes and an all clear will be sent when the server and sites are back. If this outage poses a problem please email firstname.lastname@example.org so we can work with you on it.
The next CIS maintenance weekend will be Friday January 17 through Sunday January 19, 2014. The scope of the work to be done on this weekend is still being determined. Please let us know if there are particular concerns you have with this window.